Alternatives and similar repositories for attest-sbom

Users that are interested in attest-sbom are comparing it to the libraries listed below

• github / actions-oidc-debugger
  An Action for printing OIDC claims in GitHub Actions.
  ☆107Updated last week
• actions / publish-immutable-action
  A GitHub Action used for publishing an Action to ghcr.io as an OCI container.
  ☆103Updated last month
• actions / attest
  Action for generating attestations for workflow artifacts
  ☆59Updated last week
• actions / publish-action
  ☆51Updated last week
• github / evergreen
  GitHub Action to enable automated security updates and open a issue/PR in repos in an org that have dependency files but no dependabot.ya…
  ☆211Updated this week
• ossf / scorecard-action
  Official GitHub Action for OpenSSF Scorecard.
  ☆330Updated this week
• GitHubSecurityLab / actions-permissions
  GitHub token permissions Monitor and Advisor actions
  ☆325Updated last month
• actions / container-toolkit-action
  Template repo for creating container actions using https://github.com/actions/toolkit/
  ☆144Updated this week
• actions / reusable-workflows
  Reusable workflows for developing actions
  ☆72Updated last week
• 1Password / check-signed-commits-action
  GitHub Action to check PRs for signed commits
  ☆55Updated last year
• github / cleanowners
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆135Updated this week
• octokit / graphql-action
  A GitHub Action to send queries to GitHub's GraphQL API
  ☆131Updated last week
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆192Updated 3 months ago
• github / stale-repos
  Find stale repositories in a GitHub organization.
  ☆186Updated this week
• step-security / secure-repo
  Orchestrate GitHub Actions Security
  ☆295Updated last month
• qoomon / actions--access-token
  Get rid of personal access tokens (PAT), use temporary GitHub Application access tokens instead!
  ☆142Updated this week
• github / ossar-action
  Run multiple open source security static analysis tools without the added complexity with OSSAR (Open Source Static Analysis Runner).
  ☆96Updated last year
• zgosalvez / github-actions-ensure-sha-pinned-actions
  A Github Action to ensure that actions are pinned to full length commit SHAs
  ☆47Updated last week
• github / lock
  Lock Action to support deployment locking for the branch-deploy Action
  ☆47Updated 2 months ago
• micnncim / action-label-syncer
  GitHub Action to sync GitHub labels in the declarative way
  ☆216Updated 2 years ago
• hadolint / hadolint-action
  GitHub action for Hadolint, A Dockerfile linting tool
  ☆230Updated last week
• secrethub / actions
  Load secrets into GitHub Actions
  ☆47Updated 4 years ago
• github / actions-oidc-gateway-example
  Example of using Actions OIDC token to proxy into a private network
  ☆96Updated 5 months ago
• SvanBoxel / organization-workflows
  Need to centrally manage and run Actions workflows across multiple repositories? This app does it for you.
  ☆135Updated last year
• actions / runner-container-hooks
  Runner Container Hooks for GitHub Actions
  ☆110Updated this week
• advanced-security / sbom-generator-action
  ☆16Updated 7 months ago
• actions / gh-actions-cache
  A GitHub (gh) CLI extension to manage the GitHub Actions caches being used in a GitHub repository.
  ☆320Updated 10 months ago
• actions / container-action
  ☆197Updated 3 weeks ago
• fossas / fossa-action
  Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
  ☆57Updated this week
• machine-learning-apps / actions-app-token
  Impersonate a GitHub App Token inside Actions
  ☆61Updated 5 years ago